Skip to main content
The Multi-Biometrics KYC SDK (MBKYC) is the on-device component of the Validation Gateway (VG) platform operated by the Federal Authority for Identity, Citizenship, Customs & Port Security (ICP). It lets your application capture a customer’s identity — by reading their Emirates ID, or by entering the details manually — optionally capture a fingerprint, and submit it for a verification decision.
The SDK collects identity and biometric data and submits it over an encrypted, authenticated channel. It does not make the verification decision — the Validation Gateway does. The SDK never sees or stores your API secret.

What it does

Read Emirates ID

Read the Emirates ID directly from the physical card or over NFC, or submit its details by manual entry.

Biometric verification

Capture a fingerprint and match it against the resident’s enrolled fingers, guided by a quality-ranked recommendation from the Validation Gateway.

Validate passports

Submit passport details by manual entry for validation against ICP records.

Device registration

Register each device and run all traffic over an encrypted, session-authenticated channel.
Reading (chip/NFC capture) applies to the Emirates ID only. Passports are validated by manual entry.

Supported platforms

We provide the SDK for every platform you’re likely to ship on, with an idiomatic API for each:
PlatformLanguageDistribution
AndroidKotlinAAR via Nexus
Desktop (Windows · Linux · macOS)Kotlin / JavaJAR via Nexus
macOSSwiftXCFramework via Nexus
Windows · LinuxC# (.NET)NuGet (MBKYC.Sdk)
Windows · Linux · macOSCLibrary + headers · installer
BrowserTypeScriptnpm (@mbkyc/sdk)
See the package matrix for exact coordinates, and the SDK guides for per-platform reference.

Supported hardware

  • Any PC/SC-compatible reader on Windows, macOS, and Linux (e.g. ACS, Feitian) via the generic driver
  • Any USB CCID reader on Android via the generic driver
  • NFC on Android
See Supported devices for the full validated hardware matrix and per-platform support.

How a verification works, end to end

  1. You onboard on the Client Portal, create an API key, and note which verification methods are enabled for your organization.
  2. Your application embeds the MBKYC SDK, configured with the base URL, the API key ID, and a token signer that holds the API secret server-side.
  3. The SDK registers the device, opens an encrypted session, then submits a validate request (Emirates ID or passport, with or without a fingerprint).
  4. The Validation Gateway checks the data against ICP records and returns a result.

Start here

Jump to the Quickstart to get a working integration in a few minutes.

Where to go next

Architecture

The trust model and how the SDK reaches the Validation Gateway.

Get the SDK

Pull packages from Nexus for your platform.

Client Portal

Onboard, create API keys, register devices, view methods.